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Response to Amendment 

This Office Action is in response to a communication made on January 6, 2006. 

Claims 1-6 have been cancelled. 

Claims 7-14 have been amended. 

Claims 7-14 are pending in this application. 



Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C, 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claim 7-14 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Feigen (5699513). 

Regarding claim 7, Feigen teaches a method for allowing a client application to 
establish, in a client network, a first connection having a first security level with a first 
port of a server application hosted in a server machine linked to a server network, in 
order to send messages addressed to the server machine, said messages passing from 
the client network to the server network through a network layer of a gateway machine 
(Figure 3, security server is the gateway), comprising: 

creating a second port in the gateway machine; 
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ordering the network layer of the gateway machine to reroute to the second port 
any message sent to the first port, addressed to the server machine (Column 4, lines 4 
-11); 

listening to the second port to detect a request to establish said first connection 
(Column 4, lines 12 - 19) and; 

generating, in the gateway machine, a thread for establishing said first 
connection when a request to establish said first connection is detected in the second 
port (Column 4, lines 22 - 31 ). 

Regarding claims 10 and 11, Feigen teaches a method according to claims 7 
and 8, characterized in that the steps of creating and ordering are executed 
automatically by a first process of the gateway machine and in that said first process 
generates a second process that executes the third and the fourth step (Column 4, lines 
12-31). 

Regarding claims 12 and 13, Feigen teaches a method according to claims 10 
and 1 1 , further comprising automatically executing the steps of creating, rerouting and 
deleting by a first process of the gateway machine and generating by said first process 
a second process that executes the steps of listening and generating a thread (Column 
4, lines 12-31). 

Regarding claim 14, Feigen teaches a method for allowing a client application to 
establish in a client network a first connection having a first security level, directly with a 
first port of a server application hosted in a server machine linked to a server network, in 
order to send messages addressed to the server machine, said messages passing from 
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the client network to the server network through a network layer of a gateway machine 
(Figure 3, security server is the gateway), characterized in that it consists of activating, 
in the gateway machine, a secure application proxy that reroutes the messages from 
the first connection, in a way that is transparent for the client application (Column 4, 
lines 4-11), in order to establish a second connection having a second security level 
with the server application, said second connection being unknown to said client 
application (Column 4, lines 22 - 31 ). 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 8 and 9 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Feigen in view of Winiger (5845068). 

Regarding claim 8, Feigen teaches a method according to claim 7. 

Feigen does not explicitly indicate defining a third port of the server application 
for receiving at least one of the messages with a second security level; and whereas 
said thread comprises: 

establishing said first connection in a first phase with a first security level in a first 
interface associated with the second port and with said request; 

establishing in a second phase a second connection with a second level of 
security in a second interface to the third port in the server machine; 
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writing with the second security level in the second interface any message read 
in the first interface with the first security level in a third phase, and; 
writing with the first security level in the first interface any message read in the second 
interlace with the second security level in a fourth phase. 

Winiger teaches a method according to claim 7, further comprising: 

defining a third port of the server application for receiving at least one of the 
messages with a second security level (Column 4, line 67 - Column 5, line 4); and 
whereas said thread comprises: 

establishing said first connection in a first phase with a first security level in a first 
interface associated with the second port and with said request; 

establishing in a second phase a second connection with a second level of 
security in a second interface to the third port in the server machine (Column 4, line 67 
- Column 5, line 6, where the system allows a new connection to open and request a 
socket of the server application, if the socket is open it allows a new connection to be 
made at a specified security level, which can be different then a previously opened 
socket or port which is operating at a completely separate security layer or label); 

writing with the second security level in the second interface any message read 
in the first interface with the first security level in a third phase, and; 
writing with the first security level in the first interface any message read in the second 
interlace with the second security level in a fourth phase (Column 5, lines 10-14; 
Column 4, lines 44 - 51 where when the system opens a socket at a certain security 
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level it responses with the response that contains the identification of the security level 
in the response header). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Winiger's teaching of multiple security classification levels in 
Feigen's system in order to allow a certain resources to be accessed by only certain 
clearance levels, which increases security and flexibility. 

Regarding claim 9, Feigen teaches a method according to claim 8. 

Feigen does not explicitly indicate ordering the network layer of the gateway 
machine to delete any message sent to the third port 

Winiger teaches ordering the network layer of the gateway machine to delete any 
message sent to the third port (Column 6, lines 6 - 9). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Winiger's teaching of multiple security classification levels in 
Feigen's system in order to allow a certain resources to be accessed by only certain 
clearance levels, which increases security and blocks invalid attempts at resources 
which clearance has not been granted. 

Response to Arguments 

Applicant's arguments with respect to claims 7-14 have been considered but are 
moot in view of the new ground(s) of rejection. 

Conclusion 
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Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kevin Bates whose telephone number is (571) 272- 
3980. The examiner can normally be reached on 8 am - 4:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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